unixfreaxjp

WORDPRESS WEB VULNS & GOT INFECTED SITES ON 2012, APRIL 19TH

Apr 19th, 2012
176
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. WORDPRESS WEB VULNS & GOT INFECTED SITES ON 2012, APRIL 19TH
  2. QUERRIED STRINGS: */wp-includes/* || */wp-content/*
  3. Source: http://www.malwareblacklist.com
  4. ------------------------------------------------------------------------------------------------
  5. Date URL Registrar IP ASN Hosting CN
  6. ------------------------------------------------------------------------------------------------
  7. 2012/04/19_08:11 und-noch.org/wp-content/uploads/2011/02/ugal1.jpg?%3F Red Orbit 82.197.130.40 13237 LAMBDANET CO... Germany
  8. 2012/04/19_07:19 youtu.it/wp-content/themes/Magnificent/js/superfish.js REGISTER-REG... 195.110.124.133 12363 DADANET ITAL... Italy
  9. 2012/04/19_07:18 youtu.it/wp-content/themes/Magnificent/js/jquery.easing.1.3.js REGISTER-REG... 195.110.124.133 12363 DADANET ITAL... Italy
  10. 2012/04/19_07:18 youtu.it/wp-content/themes/Magnificent/js/jquery.cycle.all.min.js REGISTER-REG... 195.110.124.133 12363 DADANET ITAL... Italy
  11. 2012/04/19_07:18 youtu.it/wp-content/themes/Magnificent/epanel/page_templates/js/fancybox/jquery.fancybox-1.3.4.pack.js?ver=1.3.4 REGISTER-REG... 195.110.124.133 12363 DADANET ITAL... Italy
  12. 2012/04/19_07:18 youtu.it/wp-content/themes/Magnificent/epanel/page_templates/js/fancybox/jquery.easing-1.3.pack.js?ver=1.3.4 REGISTER-REG... 195.110.124.133 12363 DADANET ITAL... Italy
  13. 2012/04/19_07:18 youtu.it/wp-content/plugins/contact-form-8/contact-form-7.js?ver=1.0.0 REGISTER-REG... 195.110.124.133 12363 DADANET ITAL... Italy
  14. 2012/04/19_06:54 saltytours.is/wp-content/themes/dandelion_v2.6.2/ui/jquery-ui-1.8.13.custom.js - 93.95.224.121 44925 1984 EHF Iceland
  15. 2012/04/19_06:28 postoakfarm.org/wp-content/themes/EarthlyTouch/js/superfish.js Les Vahsholt... 69.89.21.68 46606 BLUEHOST INC... USA
  16. 2012/04/19_06:22 ozwiazkach.pl/wp-content/themes/Linepress/inc/js/superfish-1.4.8.js - 87.98.233.250 16276 OVH SYSTEMS Poland
  17. 2012/04/19_06:20 oneagleswingsfarm.org/wp-content/themes/Revoltz/core/js/jquery.base64.js GoDaddy.com ... 72.29.75.191 33182 HOSTDIME.COM... USA
  18. 2012/04/19_06:13 mriyatrade.com.ua/wp-content/themes/ElegantEstate/epanel/page_templates/js/fancybox/jquery.fancybox-1.2.6.pack.js?ver=1.3.2 - 193.169.188.64 21219 HOSTPRO Ukraine
  19. 2012/04/19_05:59 kazak-tili.kz/wp-content/plugins/contact-form-7/scripts.js?ver=2.4.3 - 92.47.29.12 9198 JSC KAZAKHTE... Kazakhstan
  20. 2012/04/19_05:52 januszkorczak.pl/wp-content/themes/eNews/epanel/page_templates/js/et-ptemplates-frontend.js - 212.85.116.188 12824 HOME.PL Poland
  21. 2012/04/19_05:42 gobeskidy.pl/wp-content/plugins/ajax-comments/scriptaculous/slider.js - 94.152.139.49 29522 KRAKOWSKIE E... Poland
  22. 2012/04/19_05:42 gobeskidy.pl/wp-content/plugins/ajax-comments/scriptaculous/scriptaculous.js - 94.152.139.49 29522 KRAKOWSKIE E... Poland
  23. 2012/04/19_05:42 gobeskidy.pl/wp-content/plugins/ajax-comments/scriptaculous/prototype.js - 94.152.139.49 29522 KRAKOWSKIE E... Poland
  24. 2012/04/19_05:41 gobeskidy.pl/wp-content/plugins/ajax-comments/scriptaculous/effects.js - 94.152.139.49 29522 KRAKOWSKIE E... Poland
  25. 2012/04/19_05:41 gobeskidy.pl/wp-content/plugins/ajax-comments/scriptaculous/dragdrop.js - 94.152.139.49 29522 KRAKOWSKIE E... Poland
  26. 2012/04/19_05:41 gobeskidy.pl/wp-content/plugins/ajax-comments/scriptaculous/controls.js - 94.152.139.49 29522 KRAKOWSKIE E... Poland
  27. 2012/04/19_05:41 gobeskidy.pl/wp-content/plugins/ajax-comments/scriptaculous/builder.js - 94.152.139.49 29522 KRAKOWSKIE E... Poland
  28. 2012/04/19_05:31 fabulousmasterpieces-blog.co.uk/wp-content/themes/supermassive/lib/scripts/mediaplayer/jwplayer.js - 188.65.115.129 35732 UK WEBHOSTIN... U.K.
  29. 2012/04/19_05:30 fabulousmasterpieces-blog.co.uk/wp-content/themes/supermassive/js/reflection.js - 188.65.115.129 35732 UK WEBHOSTIN... U.K.
  30. 2012/04/19_05:30 fabulousmasterpieces-blog.co.uk/wp-content/themes/supermassive/js/flashfix.js - 188.65.115.129 35732 UK WEBHOSTIN... U.K.
  31. 2012/04/19_05:30 fabulousmasterpieces-blog.co.uk/wp-content/themes/supermassive/js/custom.js - 188.65.115.129 35732 UK WEBHOSTIN... U.K.
  32. 2012/04/19_05:27 ekul.co.uk/wp-content/themes/Basic/epanel/page_templates/js/fancybox/jquery.fancybox-1.2.6.pack.js?ver=1.3.2 - 82.165.97.17 8560 1&1 INTERNET... Germany
  33. 2012/04/19_05:19 domainmeeting.pl/wp-content/themes/Chameleon/js/superfish.js - 89.161.250.16 12824 HOME.PL Poland
  34. 2012/04/19_05:19 documentare.org/wp-content/plugins/google-analyticator/external-tracking.min.js Protected Do... 188.215.55.36 34358 JUMP MANAGEM... Romania
  35. 2012/04/19_05:17 differentscene.co.uk/wp-content/themes/network/js/jquery.nivo.slider.js - 94.126.40.144 50056 ADVANTAGE IN... U.K.
  36. 2012/04/19_05:16 credit-cards-for-bad-credit.org/wp-content/themes/twentyeleven/js/html5.js WhoisGuard ... 65.60.41.26 32475 SINGLEHOP IN... USA
  37. 2012/04/19_05:16 dainhan.info/wp-content/plugins/nextgen-gallery/js/ngg.slideshow.min.js?ver=1.05 Tran Thang L... 112.213.89.90 45544 PAVIETNAM CO... Vietnam
  38. 2012/04/19_05:07 cedaroncharles.com.au/wp-content/plugins/wp-jquery-lightbox/jquery.lightbox.min.js - 64.13.192.127 31815 MEDIA TEMPLE... USA
  39. 2012/04/19_05:05 ca-photo.de/wp-content/plugins/nextgen-gallery/js/jquery.cycle.all.min.js - 88.84.137.176 24989 EQUINIX (GER... Germany
  40. 2012/04/19_05:02 bicer.pp.ua/wp-content/plugins/nextgen-gallery/js/jquery.cycle.all.min.js - 93.170.48.24 15497 ALFA TELECOM... Ukraine
  41. 2012/04/19_05:01 bayu.my/wp-content/themes/et_Webly/js/jquery.cycle.all.min.js - 79.170.40.233 31727 HEART INTERN... U.K.
  42. 2012/04/19_04:53 arenarentacar.rs/wp-content/themes/Chameleon/epanel/shortcodes/js/et_shortcodes_frontend.js?ver=1.7 - 194.9.94.203 39570 LOOPIA AB Sweden
  43. 2012/04/19_04:47 afyondsyb.org/wp-content/themes/ecobiz/js/jquery.prettyPhoto.js Sabri CETING... 85.153.35.232 31365 SISTEM GELIS... Turkey
  44. 2012/04/19_04:45 acs45.rs/wp-content/plugins/wp-jquery-lightbox/jquery.lightbox.min.js - 217.26.70.100 15982 DRUSTVO ZA T... Serbia
  45. 2012/04/19_07:19 youtu.it/wp-includes/js/l10n.js?ver=20101110 REGISTER-REG... 195.110.124.133 12363 DADANET ITAL... Italy
  46. 2012/04/19_07:19 youtu.it/wp-includes/js/jquery/jquery.form.js?ver=2.73 REGISTER-REG... 195.110.124.133 12363 DADANET ITAL... Italy
  47. 2012/04/19_07:19 youtu.it/wp-includes/js/comment-reply.js?ver=20090102 REGISTER-REG... 195.110.124.133 12363 DADANET ITAL... Italy
  48. 2012/04/19_06:41 robertster.pl/wp-includes/js/jquery/jquery.js - 89.161.220.30 12824 HOME.PL Poland
  49. 2012/04/19_06:38 recreation.ownmylife.co.za/wp-includes/js/comment-reply.js?ver=20090102 - 184.22.145.67 21788 NETWORK OPER... USA
  50. 2012/04/19_06:27 pimpmylife.co.uk/wp-includes/js/jquery/jquery.js?ver=1.4.2 - 83.245.63.205 33970 PACKETEXCHAN... U.K.
  51. 2012/04/19_06:14 myhamy.org/wp-includes/js/jquery/jquery.js myhamy.org P... 75.119.204.76 26347 NEW DREAM NE... USA
  52. 2012/04/19_05:21 dreamindiaholidays.co.in/wp-includes/js/jquery/jquery.js?ver=1.7.1 Vir Bikram K... 208.91.199.19 40034 CONFLUENCE N... Virgin Islands (British)
  53. ------
  54. ZeroDay Japan http://0day.jp
  55. OPERATION CLEANUP JAPAN | #OCJP
  56. Analyst: Hendrik ADRIAN アドリアン・ヘンドリック Malware Researcher VT/ twitter/google: @unixfreaxjp
  57. sponsored by: 株式会社ケイエルジェイテック http://www.kljtech.com
RAW Paste Data Copied